Several remote vulnerabilities have been discovered in the GNU privacy guard,
a free PGP replacement, which may lead to the execution of arbitrary code.
The Common Vulnerabilities and Exposures project identifies the following
problems:

Tavis Ormandy discovered that parsing a carefully crafted OpenPGP
packet may lead to the execution of arbitrary code, as a function
pointer of an internal structure may be controlled through the
decryption routines.

For the stable distribution (sarge) these problems have been fixed in
version 1.4.1-1.sarge6.

For the upcoming stable distribution (etch) these problems have been
fixed in version 1.4.6-1.

For the unstable distribution (sid) these problems have been fixed in
version 1.4.6-1.